Virtual PE in memory

Started by Vortex, March 17, 2007, 11:31:30 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Vortex

March 17, 2007, 11:31:30 PM
Here is an example of building a virtual PE in memory with Visual C++ 2005 Express edition, it's the continuation of the thread Loading and running EXEs and DLLs from memory

Code Select
#define WIN32_LEAN_AND_MEAN
#include <windows.h>

extern HMODULE __stdcall LoadEXEfromMem(void *pEXE,void *pEntryPoint);
extern HMODULE __stdcall FreeEXEfromMem(HMODULE hVirtualModule);
extern void *pModule;

int WINAPI WinMain(HINSTANCE hThisInstance, HINSTANCE hPrevInstance, LPSTR lpszArgument,int nFunsterStil)
{
HMODULE hModule;
void (*pVirtEntryPoint)();
MessageBox(0,"Ready to test PE in memory","PE in memory",MB_OK);
hModule=LoadEXEfromMem(&pModule,&pVirtEntryPoint);
if (!hModule) {
MessageBox(0,"Failed to load the virtual PE","Error",MB_ICONERROR);
return 1;
}
pVirtEntryPoint();
MessageBox(0,"Testing finished","PE in memory",MB_OK);
FreeEXEfromMem(hModule);
return 0;
}
[attachment deleted by admin]
Print
Go Up Pages1
User actions